kalipso/infrastructure
1
1
Fork 1
Code Issues 42 Pull Requests 2 Actions Projects 2 Releases Wiki Activity
Files
nextcloud_deck_derivation
infrastructure/outputs.nix
kalipso 669b355d99
All checks were successful
Check flake syntax / flake-check (push) Successful in 12m34s
Details
WIP
2026-01-12 14:02:14 +01:00

192 lines
6.1 KiB
Nix
Raw Permalink Blame History

{ self
, utils
, nixpkgs
, nixpkgs-unstable
, nixos-generators
, sops-nix
, microvm
, ...
} @inputs:
# filter i686-liux from defaultSystem to run nix flake check successfully
let filter_system = name: if name == utils.lib.system.i686-linux then false else true;
in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems) ( system:
let
pkgs-unstable = nixpkgs-unstable.legacyPackages."${system}";
pkgs = nixpkgs.legacyPackages."${system}";
hosts = import ./machines/hosts.nix ( inputs // { inherit inputs; self = self; });
utils = import ./machines/modules/host_builder.nix ( inputs // { inherit inputs; self = self; hosts = hosts; });
in
{
devShells.default =
let
sops = sops-nix.packages."${pkgs.system}";
microvmpkg = microvm.packages."${pkgs.system}";
installed = builtins.attrNames self.legacyPackages."${pkgs.system}".scripts;
in
pkgs.mkShell {
sopsPGPKeyDirs = [
"./machines/secrets/keys/hosts"
"./machines/secrets/keys/users"
];
nativeBuildInputs = [
sops.ssh-to-pgp
sops.sops-import-keys-hook
sops.sops-init-gpg-key
pkgs.sops
pkgs.age
pkgs.python313Packages.grip
pkgs.mdbook
pkgs.ssh-to-age
microvmpkg.microvm
];
packages = builtins.map (pkgName: self.legacyPackages."${pkgs.system}".scripts.${pkgName}) installed;
shellHook = ''echo "Available scripts: ${builtins.concatStringsSep " " installed}"'';
};
legacyPackages = {
scripts.remote-install = pkgs.writeShellScriptBin "remote-install" (builtins.readFile ./scripts/remote-install-encrypt.sh);
scripts.boot-unlock = pkgs.writeShellScriptBin "boot-unlock" (builtins.readFile ./scripts/unlock-boot.sh);
scripts.add-host-keys = pkgs.writeShellScriptBin "add-host-keys" (builtins.readFile ./scripts/add_new_host_keys.sh);
scripts.run-vm = self.packages.${system}.run-vm;
};
vmBuilder = utils.buildVM;
packages = {
docs = pkgs.stdenv.mkDerivation {
name = "malobeo-docs";
phases = [ "buildPhase" ];
buildInputs = [ pkgs.mdbook ];
inputs = pkgs.lib.sourceFilesBySuffices ./doc/. [ ".md" ".toml" ];
buildPhase = ''
dest=$out/share/doc
mkdir -p $dest
cp -r --no-preserve=all $inputs/* ./
mdbook build
ls
cp -r ./book/* $dest
'';
};
#deckWithDrag = pkgs.buildNpmPackage {
# name = "deckWithDrag";
# version = "1.16.2";
# src = pkgs.fetchFromGitHub {
# owner = "nextcloud";
# repo = "deck";
# rev = "v1.16.2";
# hash = "sha256-NBkCdMjIY2r+AgCLBt4YnD4sUW7GTKxT5vHAmpk4wno=";
# leaveDotGit = true;
# };
# makeCacheWritable = true;
# npmDepsHash = "sha256-VaKfpYFtrTUvGbKORPvex1FvLz4vR7zfHAf+fdf/6OE=";
# buildInputs = with pkgs; [
# gnumake krankerl php84Packages.composer php nodejs_24
# ];
# patches = [
# (pkgs.fetchpatch {
# url = "https://git.dynamicdiscord.de/ahtlon/deck/commit/77cbcf42ca80dd32e450839f02faca2e5fed3761.patch";
# sha256 = "sha256-agwFMwXO8WLL0+pdeKF/pA59V9ah9t590sCl1msQonA=";
# })
# ];
# buildPhase = ''
# ${pkgs.krankerl}/bin/krankerl package
# '';
#};
deckWithDrag = pkgs.stdenv.mkDerivation {
name = "deckWithDrag";
src = pkgs.fetchFromGitHub {
owner = "nextcloud";
repo = "deck";
rev = "v1.16.2";
hash = "sha256-NBkCdMjIY2r+AgCLBt4YnD4sUW7GTKxT5vHAmpk4wno=";
leaveDotGit = true;
};
buildInputs = with pkgs; [
gnumake krankerl php84Packages.composer php nodejs_24
];
patches = [
(pkgs.fetchpatch {
url = "https://git.dynamicdiscord.de/ahtlon/deck/commit/77cbcf42ca80dd32e450839f02faca2e5fed3761.patch";
sha256 = "sha256-agwFMwXO8WLL0+pdeKF/pA59V9ah9t590sCl1msQonA=";
})
];
buildPhase = ''
make release
#${pkgs.krankerl}/bin/krankerl package
'';
};
run-vm = pkgs.writeShellScriptBin "run-vm" (builtins.readFile ./scripts/run-vm.sh);
};
apps = {
docs = {
type = "app";
program = builtins.toString (pkgs.writeShellScript "docs" ''
${pkgs.xdg-utils}/bin/xdg-open "${self.packages.${system}.docs}/share/doc/index.html"
'');
};
docsDev = {
type = "app";
program = builtins.toString (pkgs.writeShellScript "docs" ''
echo "needs to run from infrastuctre root folder"
${pkgs.mdbook}/bin/mdbook serve --open ./doc
'');
};
run-vm = {
type = "app";
program = "${self.packages.${system}.run-vm}/bin/run-vm";
};
};
})) // (
let
hosts = import ./machines/hosts.nix ( inputs // { inherit inputs; self = self; });
utils = import ./machines/modules/host_builder.nix ( inputs // { inherit inputs; self = self; hosts = hosts; });
in
{
nixosConfigurations = utils.buildHost hosts.malobeo.hosts;
nixosModules.malobeo = {
host.imports = [ ./machines/durruti/host_config.nix ];
microvm.imports = [ ./machines/modules/malobeo/microvm_host.nix ];
vpn.imports = [ ./machines/modules/malobeo/wireguard.nix ];
initssh.imports = [ ./machines/modules/malobeo/initssh.nix ];
metrics.imports = [ ./machines/modules/malobeo/metrics.nix ];
disko.imports = [ ./machines/modules/disko ];
users.imports = [ ./machines/modules/malobeo/users.nix ];
backup.imports = [ ./machines/modules/malobeo/backup.nix ];
printing.imports = [ ./machines/modules/malobeo/printing.nix ];
};
hydraJobs = nixpkgs.lib.mapAttrs (_: nixpkgs.lib.hydraJob) (
let
getBuildEntry = name: nixosSystem:
if (nixpkgs.lib.hasPrefix "sdImage" name) then
nixosSystem.config.system.build.sdImage
else
nixosSystem.config.system.build.toplevel;
in
nixpkgs.lib.mapAttrs getBuildEntry self.nixosConfigurations
);
})
Reference in New Issue View Git Blame Copy Permalink